<?php
	require_once('functions.php');
	
	function GetOrderStatuses()
	{
		$conn = GetConnection();
		return $conn->query('SELECT * FROM 2012WP_OrderStatus');
	}
	function GetOrderStatus($id)
	{
		$conn = GetConnection();
		$results = $conn->query("SELECT * FROM 2012WP_OrderStatus WHERE id=$id");//runs as a SQL statement, because is double quotes, php looks for variable ($id)
		$row = $results->fetch_assoc();
		$conn->close();
		return $row;
	}
	
	function SaveOrderStatus($row)
	{
		$conn = GetConnection();
		$row2 = EscapeRow($row, $conn);
		$sql = "UPDATE 2012WP_OrderStatus "
			.	"SET Description='$row2[Description]' "
			.	"WHERE id=$row2[id] ";
		$results = $conn->query($sql);
		$error = $conn->error;
		$conn->close();
		
		return $error == '' ? true: array('SQL Error' => $error);
	}
	
	function EscapeRow($row, $conn)
	{
		$arr = array();
		foreach($row as $key => $value)
		{
			$arr[$key] = $conn->real_escape_string($value);
		}
		return $arr;
	}